IT Security Manager

About The Position

Requirements

• Associate’s Degree or university degree in the computer related field with Bachelor’s Degree preferred.
• Minimum of three (3) years’ network/security equivalent work experience (five (5) years’ preferred).
• One or more of the following certifications: GIAC Security Essentials Certification, GIAC Security Leadership Certification, ISACA Certified Information Security Manager, Microsoft Certified Systems Engineer: Security, (ISC)2 SCCP, (ISC)2 CISSP, (ISC)2 ISSAP.
• Knowledge of Word, Excel, Internet navigation/research, and Outlook is expected.
• Hands-on hardware troubleshooting experience.
• Knowledge of applicable data privacy practices and laws.
• Excellent judgment and decision making skills.
• Ability to work independently and without supervision.
• Experience working in a team-oriented, collaborative environment utilizing excellent interpersonal/people skills and solid presentation skills.

Responsibilities

• Oversee the operations of the enterprise’s security solutions through management of the organization’s security analysts.
• Establish an enterprise security stance through policy, architecture and training processes.
• Select appropriate security solutions.
• Oversee vulnerability audits and assessments.
• Interface with peers in Information Security, Applications & Development, and Infrastructure & Operations to solicit their involvement in achieving higher levels of enterprise security through information sharing and co-operation.
• Review server and firewall logs.
• Scrutinize network traffic.
• Establish and update virus scans.
• Troubleshoot security issues.
• Analyze and resolve security breaches and vulnerability issues in a timely and accurate fashion.
• Conduct user activity audits when required.
• Assist in creating and maintaining the enterprise’s security documents (policies, standards, baselines, guidelines and procedures).
• Assist in creating and maintaining the enterprise’s Business Continuity Plan and Disaster Recovery Plan, where appropriate.
• Conduct research on security products, services, protocols and standards in support of procurement and development efforts.
• Provide recommendations to senior management related to security research.
• Maintain knowledge and awareness with emerging security alerts and issues.
• Ensure senior management is appraised of any issues or potential issues.
• Continually evaluate need for any security reconfigurations and recommend appropriate changes as needed.
• Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
• Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security as per the enterprise’s existing procurement processes.
• Oversee the deployment, integration and configuration of all new security solutions and enhancements to existing security solutions in accordance with industry best operating procedures generically and the enterprise’s security policies and standards specifically.
• Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise workstations, servers and other systems and in databases and other data repositories.
• Ensure the enforcement of enterprise security documents.
• Supervise all investigations into problematic activity and provide on-going communication with senior management.
• As part of the Incident Response Core Team perform and oversee responsibilities assigned to security team members required by incident response management.
• Supervise the design and execution of vulnerability assessments, penetration tests and security audits.
• Engage in ongoing communications with peers within IT and Information Security groups to ensure enterprise wide understanding of security goals, to solicit feedback and to foster co-operation.
• Complete all mandatory and elective training, including BSA (Bank Secrecy Act) and Anti-Money Laundering procedures.
• Maintain compliance with all appropriate rules and regulations.
• Regular, predictable attendance is an essential requirement of this position.
• Complete all other duties as assigned.